Security Advisory

CVE-2010-1633

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2010-06-03 14:00:00

Last updated 2024-08-07 01:28:42

Assigner redhat

State PUBLISHED

Description

RSA verification recovery in the EVP_PKEY_verify_recover function in OpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent attackers to bypass intended key requirements or obtain sensitive information via unspecified vectors. NOTE: some of these details are obtained from third party information.

← Browse all CVEs View on cve.org ↗